This letter was wriiten by Yurong Lin, CEO of Deepnet Explorer on March 11, 2005We, the developers of Deepnet Explorer, believe that one of the most important issues is the growing number of internet users falling victim to phishing, identity theft and other online scams. Our mission is to combat this growing threat, by providing a secure web browser, Deepnet Explorer, that protects users from being victim of online fraud. We are writing this letter hoping that together we, and all browsers, can unite by implementing anti-phishing features and standards that will help users defend against phishing scams and online identity theft. Let me explain…Most commercial web sites rely on a relatively weak form of password authentication: the browser simply sends a user's plaintext password to a remote web server. As you know, this form of password authentication is vulnerable to phishing scams.In phishing scams, users are typically directed to spoof web sites where they are asked to enter their usernames and passwords. By masquerading as a legitimate site, a phishing site obtains the user's plaintext password for the legitimate site.This is why we urge you to join us in the fight against phishing by implementing Password Hashing, which provides a simple yet very effective way of defending against phishing scams. Rather than send the user's plaintext password to a web site, browsers that supports password hashing, such as Deepnet Explorer, send the hash of the user's password combined with the domain name of the web site. The hash data is not only cryptographic; it is also specific to the web site itself. In other words, password hash received at the phishing site is not useful at any other site.Deepnet Explorer has taken the initiative by introducing a new attribute to the INPUT element in HTML form. The new attribute is named “PROTECT”, and it can be applied to the password input as well as any other input that requires protection, such as the credit card number, social security number etc. The result is that any type of input data, not only the password, can be protected. Currently, Deepnet Explorer 1.4 supports two hashing algorithms, MD5 and SHA1. Following is a piece of example code: